Introduction

A security system is a collection of procedures or technologies that safeguard people and

property from a variety of risks, including crime, fire, and mishaps. Security systems can also
safeguard sensitive data, vital infrastructure, or private data from unwanted access, destruction,
or loss. There are three methods of authentication used in the security field:

1. Anything you can carry: like a card key, smart card, or token
2. Anything that you know: like a password, PIN, or other piece of personal information
(such your mother's maiden name)
3. You: in form of biometric

Biometrics is a quantifiable physical feature or individual behavioral feature that is used to

identify or confirm an individual's mentioned identity.

Types of biometric-

1. Physiological biometric: An individual's bodily traits, such as their fingerprints, iris, face,
or palm, are used in physiological biometrics.
2. Behavioral biometrics: Identifies an individual based on their device interactions and
activity patterns. It includes signature, voice, keystroke pattern, and gait. Out of which
signature and voice are most significantly employed.
3. DNA-based authentication: Identifies an individual by their distinct genetic makeup.[1]

Figure:1 How a biometric system works

Application of biometrics identification is more difficult since it necessitates a multifaceted
search across a huge database of registered people. The security requirements of the system and
the possible risks it meets determine the sort of biometric that is utilized.

1. Physical Access: Biometrics are extensively utilized in physical security to regulate access to
high-security regions, properties, and protected spaces. In contrast to typical photo ID cards
that need to be manually verified by security personnel, biometrics enable autonomous
access control. Physical access control examples include the following: office buildings,
hospitals, casinos, fitness clubs, etc. Notable instance is that it was
utilized to control admission of 65,000 athletes during the 1996 Olympic Games, even
Season-pass holders were verified by Disney World using fingerprint scanners. Engineers are
creating prototypes to use biometric tp enhance passenger trabsit and safety at airports.
2. Virtual access: Once a point of controversy, biometrics for computer and network access is
now more widely used as device expenses have decreased.
Compared to conventional passwords, biometrics offer higher security and can be layered for
several levels of defense. For instance, biometrics can give a better level of data safety than
passwords, which only grant minimal access.
3. E-commerce: To improve identity verification and stop fraud in online purchases, biometrics
and smart cards are being tried. To guarantee safe online banking and non-disclosure (proof
of identification) for trade and purchases, banks are researching the use of smart cards and
biometrics in unison. According to MasterCard, point-of-sale (POS) systems are also
substituting signature verification with smart cards and biometrics, which could cut fraud by
80%.
4. Security in High-Volume Access Areas: Biometrics work well in large-scale entry
environments where lots of individuals require quick, safe access, such stadiums, theme
parks, and huge gatherings. Large numbers of identities can be processed and managed
effectively by biometric systems neither sacrificing security nor necessitating manual ID
checks by employees.
5. Covert Surveillance: The use of biometrics for secret monitoring, such as seeing suspects in
masses, is one difficult research topic. In order to effortlessly recognize people in busy
places, such as airports in particular, technologies like body and face recognition are being
researched. Technical challenges for this method include: Recognizing several individuals in
a crowd at once, overcoming stubborn individuals who could be hard to spot because of their
erratic postures, camera angles, or distance from the lens.[1]

The most common dermatoglyphic features located on fingertip pattern of every digits
characterized by: tri-radius, which is a group of ridges creating a Y at the base of each individual
finger, Cores and Radiant is known as fingerprint.[2][3] One of the most extensively researched
and developed areas of verification is the use of fingerprints since it offers a number of benefits
over alternative techniques.[4] This is due to its uniqueness i.e., no two individuals can have the
same fingerprint, including identical twins and permanence, i.e., fingerprint of individual remain
unchanged throughout his lifetime.[5] Numerous studies have examined the uniqueness of
fingerprints, and it is widely accepted that the chances of two fingerprints matching is
exceptionally low.[6][7]

Fingerprint spoofing: Spoofing is a technique for breaching biometric systems in which synthetic
items mimic biological and behavioral traits and are put forward to the biometric acquisition
system.[8] Fingerprint identification is one of the most popular biometric techniques because it
maintains the right balance between pricing, simplicity, and reliability. But the increasing use of
fingerprint biometrics has also drawn the interest of fraudsters, who create advanced spoofing
methods to trick these technologies and obtain illegal access.

Figure:2 Spoofing attacks in fingerprint system security

Key challenges faced due to fingerprint spoofing are as follows:

1. Variety of Media: Latex, silicone, gelatin, and other substances can all be used in spoof
deceptions. It is difficult for detecting algorithms to evolve broadly and efficiently due to
this material variability.[9]
2. Recognition Techniques: It is crucial to create new detection techniques. Although both
hardware-assisted and software-centric techniques are being investigated, each has
 particular consequences for improving safety and taking user confidentiality into account.
[10]
3. Advancement of Algorithms: Algorithms with global recognizing capabilities are
required. It is still challenging for present methods to adjust to new and developing
spoofing techniques.[9]
4. User confidentiality: It is still difficult to strike a balance between strong security
protocols, user-centered design, and moral handling of fingerprint data.[10]
5. Environmental Impacts: The accuracy of fingerprint identification can be impacted by
environmental factors, such as dermatological issues or illnesses, which might lead to
further difficulties.[10]
6. Live vs. Artificial Finger Detection: The key concern is still making sure the input finger
is real and not a fake. Numerous ideas have been put forth, yet there are still concerns
about their consistency and practicality.[11]

Limitations of traditional biometric system in identifying spoofs: Even though conventional

biometric systems have worked well in a variety of situations, they have drawbacks when
exposed to complex spoofing attempts:

1. Analysis at the Surface Level: Surface-level characteristics of fingerprints, like ridge

patterns and minutiae points, are the main source of information for optical fingerprint
scanners. Because of this, they are vulnerable to spoofing techniques that accurately
reproduce these surface features.
2. Absence of Subsurface Analysis: Sweat pores and ridge patterns below the skin's surface
are examples of subsurface fingerprint characteristics that are usually missed by
conventional sensors. Because of this restriction, it is challenging to distinguish between
authentic fingerprints and skillfully created spoofs that are devoid of these subtle
characteristics.
3. Susceptibility to Replica Attacks: Replica attacks can affect biometric systems that only
use template or photographs of fingerprints. An attacker can produce spoof prints that are
identical to the real ones if they have a high-quality image or model of a legitimate
fingerprint.
4. Limited Anti-Spoofing methods: A lot of current biometric systems rely mostly on simple
tests like fingerprint liveness recognition and lack strong anti-spoofing methods. These
methods are frequently unable to identify complex spoofing methods that mimic the
physiological traits and actions linked to real fingerprints.[12]

Objective:
This review’s main goal is to understand about the concept of fingerprint spoofing, its impact on
biometric security system and spoofing detection method. The major aim of this review paper
can be broken down as:
1. To get an understanding about fingerprint spoofing
2. Challenges faced by security systems
3. Limitations of conventional methods
4. Address different methods that can be employed to detect spoofing attacks
5. Future directions
Related work:

In this section we will review the works done to detect fingerprint spoofing method. Fingerprint
spoofing detection techniques can be broadly divided into two categories: software-based
approaches (which solely depend on the data obtained by the authentication system's standard
acquisition sensor) and hardware-based approaches (which investigate additional sensors).[13]

On the basis of quality parameters including ridge strength or directionality, ridge consistency,
ridge detail, and integrity of the ridge-valley structure, Galbally et al. [14] suggested a set of
features for fingerprint liveness identification. Three benchmarks from the LivDet 2009
fingerprint competition [15] that were recorded using several optical sensors—Biometrika,
CrossMatch, and Identix—were taken into account during the validation. Subsequent research
[16] investigated the technique with gummy fingers present.
The Weber Local Image Descriptor (WLD), which is ideally suited to high-contrast structures
like the ridges and valleys of fingerprint pictures, was investigated by Gragnaniello et al. [17] for
liveness detection. WLD is also resistant to variations in light and noise. The LivDet 2009 and
LivDet 2011 fingerprint competition datasets were taken into consideration throughout the
process.
Binarized Statistical Image Features (BSIF), first put out by Kannala et al. [19], were
investigated by Ghiani et al. [20]. The LBP and LPQ approaches served as the model for the
BSIF. Unlike LBP and LPQ methods, BSIF uses natural picture metrics to develop a filter set
[21]. The standards from the LivDet 2011 Fingerprint Competition were taken into account
throughout the examination.
Using local patches obtained near fingerprint minutiae, Chughtar Kaicao Jain [22] suggested a
deep convolutional neural network-based method for spoof recognition that reduces average
classification error by 69% in both known material and cross-material cases on LivDet 2015
datasets.
A convolutional neural network (CNN) that outperformed numerous fingerprint spoof detection
standards was suggested by Menotti et al. [23]. However, it needs a lot of training specimens,
exactly like other CNN-based techniques. Furthermore, there was no evaluation of its durability
across manufacturing techniques.
Datasets:
The benchmarks (datasets) that we take into consideration in our work is described in this
section. It is appropriate for assessing protection measures against fingerprint spoofing attacks
and are made accessible to everyone upon request. Liveness detection, a method for assessing a
biometric's strength, has been incorporated into scanning devices for fingerprints over the past
few years. Some of the versions used are described below:

LivDet2009: The first worldwide public competition for software-based fingerprint liveness
detection is called LivDet 2009. It is available to all educational and business establishments that
have an answer for the issue of software-based fingerprint vitality detection.[24]

LivDet2011: LivDet 2011 is the first public evaluation of system-based fingerprint liveness
detection and the second worldwide public competition for software-based fingerprint liveness
recognition. It assesses (1) software techniques that work with the fingerprint sensors that are
included in the training set and (2) integrated hardware/software applications for liveness
detection that are customized to a particular fingerprint sensor.[25]

LivDet2013: Four sets of authentic and fraudulent fingerprint readings from four capture sensors
—the Biometrika FX2000, Italdata ET10, Crossmatch L Scan Guardian, and Swipe—are
included in this dataset. In contrast to Crossmatch and Swipe, which created fake specimens with
customer cooperation, Biometrika and Italdata created fake specimens without user cooperation
for an extra lifelike situation. The synthetic fingerprints were made from a variety of resources,
such as latex, silicone, and gelatin.[23]

LivDet2015: In the competition's initial three variations, the substances utilized to make the
fakes were nearly identical. This constant might have prompted opponents to include settings
that might simply differentiate a real fingerprint from a fake by identifying the properties of a
particular element. The LivDet 2015 [19] test kit includes certain materials that had never been
used before in an attempt to handle any kind of material: a novel gelatine for Crossmatch, liquid
ecoflex and RTV for the Green Bit, Biometrika, and Digital Persona sensors OOMOO.[26][27]

Methodology

In this section we reviewed recent methodologies and their effectiveness that can be used to
detect fingerprint spoofing attacks.

1. Multispectral imaging: A modern technique called multispectral imaging takes pictures at

several electromagnetic wavelengths. Multispectral imaging expands the range of light by
including ultraviolet, near-infrared, and other wavelengths, in contrast to typical RGB
imaging, which only records red, green, and blue light. The identification of minute
variations in substances and surface features that are invisible to the human eye or
conventional imaging methods is made possible by this increased spectrum coverage.
Fundamentals and Uses: Specialized sensors and filters are used in multispectral imaging
to collect information at several wavelengths. Due to the varied spectral signatures
displayed by each substance, multispectral imaging systems are able to differentiate
between real and fake fingerprints. This method is very useful for detecting spoofing
materials that could visually resemble real fingerprints yet different from them.
2. Optical Coherence Tomography (OCT): A harmless imaging method frequently
employed in medical diagnostics, optical coherence tomography (OCT) is also being used
more and more in biometric security for fingerprint analysis. OCT produces fine-grained
cross-sectional pictures of the skin layers, including the epidermis and dermis, by shining
near-infrared light onto the fingerprint surface and detecting the light that is reflected.
Since spoofing substances frequently lack the intricate inner structure and depth features
of real skin, this detail is essential for differentiating between real fingerprints and spoof
reproductions.
 Effectiveness in Recording Subsurface Details: One of OCT's main benefits is its
capacity to see past the skin's surface, exposing subsurface structures that traditional
fingerprint scans are unable to show. The interior intricacy and anatomical characteristics
of genuine skin are sometimes absent from spoofing substances like thin films or molds.
By displaying the layered structure of the skin layers, OCT can identify these differences,
giving biometric systems the ability to accurately distinguish between real and fraudulent
fingerprints.
3. High-resolution 3d Imaging: Structural light scanning and laser scanning are two
examples of high-resolution 3D imaging methods that offer comprehensive topographical
details of fingerprint surfaces. 3D imaging techniques provide three-dimensional models
that accurately depict the physical structure of the fingerprint's ridges and valleys, in
contrast to typical 2D imaging, which simply records the surface pattern of fingerprints.
The individuality and complexity of fingerprint data are increased by this extra
dimensions, which makes it harder for spoofing efforts to duplicate.
Relative Benefits over Conventional Imaging Techniques: High-resolution 3D imaging
has a number of benefits over conventional 2D fingerprint scanners for anti-spoofing
purposes. initially of all, it records more detailed fingerprint information, such as minute
changes in ridge depths and shapes that are difficult to duplicate in fake fingerprints.
Furthermore, because 3D imaging can identify irregularities like flat surfaces or
homogeneous patterns suggestive of spoofing substances, it lessens the susceptibility to
presentation attacks. The total security and dependability of biometric authentication
systems are improved by combining strong matching algorithms via high-resolution 3D
imagery, which guarantees precise identification and verification procedures.
4. Artificial intelligence (AI): AI is essential in identifying fingerprint spoofing using
extensive image analysis. Artificial intelligence (AI) computers can recognize minute
features that differentiate authentic fingerprints from fake ones by using deep learning
techniques like convolutional neural networks (CNNs). These algorithms can identify
even the most complex spoofing attempts, such as high-resolution copies or digitally
changed photos, because they have been trained on large datasets of both real and fake
fingerprints. AI's real-time data processing capabilities improve security by promptly
detecting forged fingerprints during authentication to stop unwanted access.
5. Machine learning: AI-driven spoof recognition systems are built on machine learning
(ML), which allows them to evolve and adjust to new spoofing methods. At first, a
variety of datasets, including real and fake fingerprint photos, are used to train machine
learning algorithms. The algorithms are better able to distinguish between actual and
fraudulent fingerprints thanks to this training. As the algorithm gains experience with
new spoofing techniques, it improves its ability to spot unusual patterns and strengthen
the detection process as a whole.[23]

Future direction

Improvements in AI, machine learning, and imaging technology are likely to impact fingerprint
spoofing detection in the future. This field has the potential to go in a couple of directions:
 1. Integration of Multi-Modal Biometrics: Biometric systems can be made more accurate
and secure by integrating fingerprint data with other biometric identifiers, such as voice
recognition, iris scans, or facial recognition, rather than depending only on fingerprints.
A greater degree of assurance would be offered by multi-modal biometrics, which would
also guard against spoofing attacks that target just one modality.
2. Better Deep Learning Models: As deep learning methodologies advance, more complex
models will be created to identify ever-more-advanced spoofing techniques. The ability
of AI algorithms to distinguish even minute variations between real and fake fingerprints
will increase detection rates.
3. Adaptive Learning Systems: In the future, spoof detection systems may have ongoing
learning features, in which AI models change in real time to accommodate fresh and
inventive spoofing methods. As a result, the system would be more resilient and
adaptable, guaranteeing its efficacy even as spoofing techniques improve.
4. Real-World, Large-Scale Datasets: Accuracy will be increased by training AI models
with bigger, more varied datasets that represent real-world situations. It will be essential
to gather information on emerging spoofing techniques in order to create detection
systems that are more robust.
5. On-device monitoring: Future fingerprint spoof detection systems may employ edge
computing, in which AI algorithms process data directly on devices instead of depending
on cloud-based processing, to increase efficiency and speed. This would result in less
latency and quicker real-time spoof detection.
6. Improvements in Sensor Technology: Improvements in fingerprint sensors, including
multispectral or optical sensors, may make it possible to record more precise biometric
data, which would make fingerprint spoofing more difficult. To further confirm
authenticity, these sensors might pick up on extra layers of information like blood flow,
skin texture, or moisture.
7. Cooperation with Blockchain for Data Integrity: To guarantee data integrity and safe
biometric data storage, blockchain technology may be combined with fingerprint
detection. This will ensure that only legitimate biometric data is utilized for
authentication by making it more difficult for fake fingerprints to be entered into
databases.
These developments will contribute to the development of more robust, effective, and
flexible solutions to counter the future threat of fingerprint spoofing.
Conclusion

The increased risk of fingerprint spoofing in biometric security is highlighted in this study, along
with the necessity of preventative measures. It talks about how it is critical to investigate new
technologies because conventional biometric systems are insufficient to identify sophisticated
spoofing techniques. By obtaining more precise fingerprint information, advanced imaging
techniques such as multispectral imaging, optical coherence tomography (OCT), and high-
resolution 3D imaging can enhance spoof detection. By enabling real-time analysis and adjusting
to novel spoofing techniques, the combination of AI and machine learning improves these
imaging systems. There are obstacles to overcome, though, such expenses, user experience, and
technical problems. In the future, biometric security will require stricter regulations, cross-sector
alliances, and new imaging technologies. The objective is to develop authentication solutions
that are more reliable, safe, and private. Staying ahead of cyber dangers, protecting privacy, and
developing technology responsibly will all be essential to the success of these initiatives.
References

1. Liu, S., & Silverman, M. (2001). A practical guide to biometric security technology. IT
Professional, 3(1), 27-32.
2. Prabhu, N., Issrani, R., Mathur, S., Mishra, G., & Sinha, S. (2014). Dermatoglyphics in
health and oral diseases-A review. JSM Dent, 2(4), 1044.

3. Nayak, V., Shrivastava, U., Kumar, S., & Balkund, K. (2015). Dermatoglyphic study of
diabetes mellitus Type 2 in Maharashtrian population. International Journal of Medical
Science Research and Practice, 2(2), 66-69.
4. Yager, N., & Amin, A. (2004). Fingerprint classification: a review. Pattern Analysis and
Applications, 7, 77-93.

5. Han, Y. L., Ryu, C., Moon, J. C., Kim, H., & Choi, H. H. F. (2004). A Study on
Evaluating the Uniqueness of Fingerprints Using Statistical Analysis. Lecture Notes in
Computer Science, 467–477. https://doi.org/10.1007/11496618_34
6. Pankanti S, Prabhakar S, Jain A (2002) On the individuality of fingerprints. IEEE Trans
Patt Anal Mach Intell 24(8):1010–1025
7. Jain A, Prabhakar A, Pankanti A (2002) On the similarity of identical twin fingerprints.
Patt Recog 35(11):2653–2663
8. Kulkarni, S. S., & Patil, H. Y. (2015). Survey on fingerprint spoofing detection
techniques and databases. International Journal of Computer Applications, 975,
8887.
9. Ametefe, D.S., Sarnin, S.S., Ali, D.M. et al. Advancements and challenges in
fingerprint presentation attack detection: a systematic literature review. Neural
Comput & Applic (2024). https://doi.org/10.1007/s00521-024-10423-8
10. Drahanský, M., Kanich, O., Březinová, E. (2017). Challenges for Fingerprint
Recognition—Spoofing, Skin Diseases, and Environmental Effects. In: Tistarelli,
M., Champod, C. (eds) Handbook of Biometrics for Forensic Science. Advances
in Computer Vision and Pattern Recognition. Springer, Cham.
https://doi.org/10.1007/978-3-319-50673-9_4
11. Sepasian, M., Mares, C., Mares, C., & Balachandran, W. (2010). Liveness and
spoofing in fingerprint identification: issues and challenges.
12. Micheal, T., & Godwill, J. (2024). Future Trends in Biometric Security:
Addressing Fingerprint Spoofing with Advanced Imaging (No. 13626). EasyChair.
13. L. Ghiani, D. Yambay, V. Mura, S. Tocco, G. Marcialis, F. Roli, and S. Schuckcrs, “Livdet
2013 – fingerprint liveness detection competition,” in International Conference on
Biometrics (ICB), 2013, pp. 1–6. [Online]. Available: http://prag.diee.unica.it/fldc/
14. J. Galbally, F. Alonso-Fernandez, J. Fierrez, and J. Ortega-Garcia, “Fingerprint liveness
detection based on quality measures,” in Int. Conference on Biometrics, Identity and
Security (BIDS), 2009, pp. 1–8.
15. G. L. Marcialis, A. Lewicke, B. Tan, P. Coli, D. Grimberg, A. Congiu, A. Tidu, F. Roli, and S.
A. C. Schuckers, “Livdet 2009 – first international fingerprint liveness detection
competition,” in Int. Conference on Image Analysis and Processing February 2, 2015
DRAFT 35 (ICIAP), ser. Lecture Notes in Computer Science, P. Foggia, C. Sansone, and M.
Vento, Eds., vol. 5716. Springer, 2009, pp. 12–23. [Online]. Available:
http://prag.diee.unica.it/LivDet09
16. J. Galbally, F. Alonso-Fernandez, J. Fierrez, and J. Ortega-Garcia, “A high performance
fingerprint liveness detection method based on quality related features,” Future
Generation Computer Systems, vol. 28, no. 1, pp. 311–321, 2012.
17. D. Gragnaniello, G. Poggi, C. Sansone, and L. Verdoliva, “Fingerprint liveness detection
based on weber local image descriptor,” in IEEE Workshop on Biometric Measurements
and Systems for Security and Medical Applications, 2013, pp. 46–50.
18. X. Jia, X. Yang, Y. Zang, N. Zhang, R. Dai, J. Tian, and J. Zhao, “Multi-scale block local
ternary patterns for fingerprints vitality detection,” in IAPR Int. Conference on
Biometrics (ICB), 2013, pp. 1–6.
19. L. Ghiani, A. Hadid, G. Marcialis, and F. Roli, “Fingerprint liveness detection using
binarized statistical image features,” in IEEE Int. Conference on Biometrics: Theory
Applications and Systems (VISAPP), 2013, pp. 1–6.
20. J. Kannala and E. Rahtu, “Bsif: Binarized statistical image features,” in Int. Conference on
Pattern Recognition (ICPR), 2012, pp. 1363–1366.
21. A. Hyvrinen, J. Hurri, and P. O. Hoyer, Natural Image Statistics: A Probabilistic Approach
to Early Computational Vision, 1st ed. Springer Publishing Company, Incorporated, 2009.
22. Chugh, T., Cao, K., & Jain, A. K. (2017, October). Fingerprint spoof detection
using minutiae-based local patches. In 2017 IEEE International Joint Conference
on Biometrics (IJCB) (pp. 581-589). IEEE.
23. D. Menotti, G. Chiachia, A. Pinto, W. R. Schwartz, H. Pedrini, A. X. Falcao, and A. Rocha,
“Deep representations for iris, face, and fingerprint spoofing detection,” IEEE
Transactions on Information Forensics and Security, vol. 10, no. 4, pp. 864–879, 2015.
24. Marcialis, G. L., Lewicke, A., Tan, B., Coli, P., Grimberg, D., Congiu, A., ... &
Schuckers, S. (2009). First international fingerprint liveness detection competition
—LivDet 2009. In Image Analysis and Processing–ICIAP 2009: 15th
International Conference Vietri sul Mare, Italy, September 8-11, 2009
Proceedings 15 (pp. 12-23). Springer Berlin Heidelberg.
25. Yambay, D., Ghiani, L., Denti, P., Marcialis, G. L., Roli, F., & Schuckers, S.
(2012, March). LivDet 2011—Fingerprint liveness detection competition 2011.
 In 2012 5th IAPR international conference on biometrics (ICB) (pp. 208-215).
IEEE.
26. Micheletto, M., Orrù, G., Casula, R., Yambay, D., Marcialis, G. L., & Schuckers,
S. (2023). Review of the fingerprint liveness detection (livdet) competition series:
from 2009 to 2021. Handbook of biometric anti-spoofing: presentation attack
detection and vulnerability assessment, 57-76.
27. V. Mura, L. Ghiani, G. L. Marcialis, F. Roli, D. A. Yambay, and S. A. Schuckers. Livdet 2015
fingerprint liveness detection competition 2015. In 2015 IEEE 7th International
Conference on Biometrics Theory, Applications and Systems (BTAS), pages 1–6, 2015.